Search form

TRENDING:

FEATURED:

TIA cautions against cybersecurity mandates

Lieberman and four other co-sponsors introduced a
revised version of his bill last week that softened provisions dealing with critical
infrastructure. It proposed to establish a program where companies operating
critical infrastructure could certify that their computer systems meet
certain cybersecurity standards in exchange for incentives. The changes
were made to mollify concerns voiced by Republicans and business groups
about the bill being too regulatory.

The five co-sponsors are hosting a press conference on Tuesday afternoon
to describe the changes made to the latest version of the cybersecurity
bill.

Danielle Coffey, TIA's vice president for government affairs, said the
trade group is still reviewing the latest version of Lieberman's bill
but noted it made "real progress" from the original one introduced
earlier this year. However, she added TIA is still weighing whether the
critical infrastructure provisions are "truly voluntary measures."

"If it's benchmarks and goal posts they want us to reach, and [also
create] a structure where regulations may or may not be imposed, that
leaves a lot open for the government to come up with regulations and
mandates in the future, even if it's not the intention of this Congress
to impose them right now," said Coffey.

In the white paper, TIA argues that improving information sharing about
cyberthreats between the government and industry would help critical
infrastructure operators immediately address bad code or other malicious
threats spotted on their computer systems. The white paper noted that
information sharing needs to happen in real-time and also voiced support
for the House's Cyber Intelligence Sharing and Protection Act.

Among the six policy recommendations listed in the report, TIA argues
for increased funding for cybersecurity research and development and
support of industry-developed cybersecurity best practices. It also
warns against the introduction of supply chain rules that would restrict
telecommunications equipment from being imported into the United
States, noting that the nation's "global economic competitiveness could
be severely affected by other export markets adopting similar
restrictive policies."